1. Field of the Invention
The present invention relates to a communication system and method for securely and efficiently sharing a link key for security and authentication in a ZigBee network.
2. Description of the Related Art
In a ZigBee network, communication between a coordinator and an end device, between a router and an end device, or between two end devices in one Personal Area Network (PAN) is performed using a link key based on a master key. Herein, the term “ZigBee” refers to ZIGBEE® specification-compliant networks, devices, communications, etc. In the ZigBee network, security and authentication between two devices are achieved by establishing a master key between the two devices and sharing authentication data. The devices should generate the same link keys using the established master key, and perform security and authentication by checking that the same link keys have been generated. In this way, the conventional ZigBee network handles security and authentication using a symmetric key scheme.
However, the conventional scheme requires that the master key necessary for generating a link key, or other shared data, be shared on an off-line basis. If the devices instead share the master key on-line and generate a link key based thereon, with no data shared off-line, a third device may fraudulently generate and share the same link key by monitoring the link key generation process.
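The following added example (not part of the original text) models the symmetric scheme described above: two devices derive a link key from a master key, check that they generated the same key, and the monitored frames are then audited to see whether they alone suffice to regenerate that key. The key derivation is an HMAC-SHA256 stand-in chosen for illustration, not the ZigBee specification's function, and all function names, frame fields and sample values are assumptions.

```python
import hashlib
import hmac
import secrets


def derive_link_key(master_key, nonce_a, nonce_b):
    # Stand-in KDF (assumption, not the ZigBee one): HMAC-SHA256, truncated to 128 bits.
    msg = b"link-key" + nonce_a + nonce_b
    return hmac.new(master_key, msg, hashlib.sha256).digest()[:16]


def confirm_tag(link_key, role):
    # Value a device sends so its peer can check that both generated the same link key.
    return hmac.new(link_key, b"confirm" + role, hashlib.sha256).digest()[:16]


def establish(master_key, master_sent_on_line):
    """One constructed exchange. Returns (link_key, frames visible to any listener)."""
    nonce_a, nonce_b = secrets.token_bytes(16), secrets.token_bytes(16)
    key_a = derive_link_key(master_key, nonce_a, nonce_b)  # computed by device A
    key_b = derive_link_key(master_key, nonce_a, nonce_b)  # computed by device B
    tag_a = confirm_tag(key_a, b"A")
    if not hmac.compare_digest(tag_a, confirm_tag(key_b, b"A")):
        raise ValueError("devices derived different link keys")
    on_air = {"nonce_a": nonce_a, "nonce_b": nonce_b, "tag_a": tag_a}
    if master_sent_on_line:
        on_air["master_key"] = master_key  # no off-line step: the key crosses the air
    return key_a, on_air


def transcript_exposes_link_key(on_air):
    """True if the monitored frames alone are enough to regenerate the link key."""
    master_key = on_air.get("master_key")
    if master_key is None:
        return False  # the master key never left the two devices
    candidate = derive_link_key(master_key, on_air["nonce_a"], on_air["nonce_b"])
    return hmac.compare_digest(confirm_tag(candidate, b"A"), on_air["tag_a"])


if __name__ == "__main__":
    mk = secrets.token_bytes(16)  # constructed sample master key
    for on_line in (False, True):
        _, frames = establish(mk, on_line)
        print("master key shared on-line:", on_line,
              "| link key exposed to a monitor:", transcript_exposes_link_key(frames))
```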
Meanwhile, the devices performing ZigBee communication in the ZigBee network should be able to freely build and destroy a PAN with each other, without spatial restrictions. For example, when several PANs are generated in adjacent spaces and the PANs are grouped centering on the coordinator, each PAN may want to remain secure from the other PANs. The conventional scheme cannot securely share the link key unless it establishes the master key off-line on a one-by-one basis. This may be inconvenient in that, as the number of PANs formed by the coordinator increases, each of the multiple devices connected thereto has to establish the master key off-line. Therefore, there is a demand for a method capable of securely generating and sharing a link key, without having to establish the master key off-line.